Antony review

• 1. Detecting Network Traffic Anomalies through Packet Header Data
  • NAME:ANTONY JEBERSON .D

• REG NO :074501502002

• GUIDED BY

• Mrs.SHIELA FREEDA.MCA,MPhil.,

• ASSISTANT PROFESSOR OF MCA DEPT.

2. ABSTRACT

• This paper proposes a traffic anomaly detector, operated in postmortem and in real-

• time, by passively monitoring packet headers of traffic. The frequent attacks on

• network infrastructure, using various forms of denial of service attacks, have led to an

• increased need for developing techniques for analyzing network traffic. If efficient

• analysis tools were available, it could become possible to detect the attacks, anomalies

• and to take action to contain the attacks appropriately before they have had time to

• propagate across the network. In this paper, we suggest a technique for traffic anomaly

• detection based on analyzing correlation of destination IP addresses in outgoing traffic

• at an egress router. This address correlation data are transformed using discrete wavelet

• transform for effective detection of anomalies through statistical analysis. Results from

• trace-driven evaluation suggest that proposed approach could provide an effective

• means of detecting anomalies close to the source. We also present a multidimensional

• indicator using the correlation of port numbers and the number of flows as a means of

• detecting anomalies..

3. EXISTING SYSTEM:

• There is no well established existing system to prevent the network traffic. Many approaches have been studied to detect, prevent and mitigate malicious network traffic

• such as IDS (intrusion detection system), try to apply previously established rules against incoming traffic to detect and identify potential DoS attacks close to the victims network.

• Work in [43] relies on input data from multiple sources (i.e., all links in a network), while our work focuses on a single link at a time

4. PROPOSED SYSTEM

• We focus on analyzing the traffic at an egress router. Monitoring traffic at a source network enables early detection of attacks

• Ingress filtering protects the flow of traffic entering into an internal network under administrative control

• Egress filtering controls the flow of traffic leaving the administered network. Thus, internal machines are typically the origin of this outbound traffic in view of an egress filter

• .

• With such filtering in place, we can focus on destination addresses and port numbers of the outgoing traffic for analysis purposes.

5. SCOPE OF PROJECT

• The main aim of the project is to reduce the traffic caused in the network

• while transmitting datas using egress router and ingress router.

• MODULES

• LOGIN

• CLIENT

• INGRESS ROUTER

• EGRESS ROUTER

• FILE SENDING

6. DESCRIPTION OF THE MODULES

• Login:

• In this module the user are allowed to sign up as a new user. Once the user signs in there is a separate log maintained for the particular user.

• The existing user can sign in to perform the operation.

• Client:

• The user who wants to send a file is treated as client. Before selecting a file to send, the client has to provide his details to the server. The client is restricted to choose the file which creates traffic in thenetwork.

• Ingress router:

• Ingress filtering protects the flow of traffic entering into an internalnetwork under administrative control. Once the user signs in to the application his details are stored in the server. After choosing a particular file the details of file is gathered in order to prevent traffic.

7.

• Egress router:

• In this module the activities of user after choosing a file is

• checked. An separate log is created for the user. Here all the details including

• size and type of the file he chooses is stored. If he chooses the file which may

• create traffic. the error count in his account gets added.

• File Sending:

• Server checks the size and type of the file chosen by the client. If the

• server finds that it may create traffic then server provide request to the client

• to choose another file. If the client tries to send the file which may create

• traffic for more than 3times, the server disconnects his connection.

8. DESIGN OF MODULES LOGIN FOR SERVER 9. SERVER 10. SEND FILE 11. ANY QURIES ? 12. THANK YOU!